How To Add, Remove, Delete, Import, Export, Manage Registry Keys From Command Line In Windows

Registry is a database used by Windows operating systems to store information about applications, users, operating system, network etc. Registry is a single file located at C:\Windows\System32\Config . There are following files those holds registry values

HKEY_LOCAL_MACHINE is hold in SYSTEM

HKEY_LOCAL_MACHINE is hold in SAM

HKEY_LOCAL_MACHINE is hold in SECURITY

HKEY_LOCAL_MACHINE is hold in SOFTWARE

HKEY_USERS is hold in \winnt\profiles\username

HKEY_USERS.DEFAULT is hold in \system32\config\default

Help

Help information about reg command can be printed like below. We will use /? option.

1

$reg/?

Help

Registry Keys and Values

Registry values are hold in hierarchical manner like a tree. Registry keys hold the name and value hold real value. For example following path specifies current users Explorer version.

1

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer

As we can see the path starts with HKEY_CURRENT and resume according to hierarchy.

Sub Keys

Subkeys a registery keys too which used to inform that a keys child key is subkey and this sub key can hold subkeys in recursive manner too.

Query Value In The Registry

Registry values can be queried to get their values and sub keys. We will use query sub-command to query registry key named Explorer.

In this example there is one key and value pairs those listen in the first lines of the output. Below lines shows subkeys of queried registry key.

Add Key To Registry

We can add news keys to the registry. We will use /ADD option with related new key path and name in a single path. In this example we will add new key named Test to the given path. In order to modify registry we need Administrator privileges.

Delete Value In The Registry

Deleting key and values from registry easir than adding them. In order to delete a key and its data if data exist can be done /DELETE subcommand.

1

$reg deleteHKEY_CURRENT_USER\Software\Microsoft\MyName

Delete Value In The Registry

Deleting key from registry is a critical operation. So we should be careful while dealing registry key. During the deletion operation a confirmation required to answered yes.

Export From Registry

Registry keys can be exported with their values and subkeys. We will use EXPORT command for this operation. We need to specify the key tree to export and the file where the export output will be saved.

In this example we will export HKEY_CURRENT_USER\Software\Microsoft into file named Microsoft.reg

1

$reg exportHKEY_CURRENT_USER\Software\Microsoft Microsoft.reg

Import Into Registry

Saved registry keys and values can be imported similar to export operation. We will just provide the saved registry. This will automatically imported to the relevant tree hierarchy.